Privacy Rule Issue with Relational Data (Tasks, Leads, and Clients) – Incomplete Data Rendering for Assigned Users

Hi Bubble Community,

I’m facing a privacy rule issue with my application, where I have a relational database structure involving Clients, Leads, Tasks, Estimates, and Invoices. The relationships between the data types are as follows:

Tasks, Estimates, and Invoices reference Leads.

Leads reference Clients.

Additionally, I have an option set for Account Type with four roles: Admin, Team Members, Associates, and Clients.

I also have an Access Level option set, allowing me to define what data types each user can access (e.g., Clients, Leads, Tasks, Estimates, Invoices).

Current Setup:

  1. Admin Permissions: Admins can fully control what each user type can access by defining permissions at the data-type level via the Access Level option set.

  2. Privacy Rules for Tasks:

If the task is assigned to the current user, they can access all fields.

If the user’s Access Level contains “Tasks”, they can access all tasks regardless of assignment.

  3. Privacy Rules for Leads:

Similar structure where if the Access Level contains “Leads”, the user can access all leads.

The Issue:

Here’s where things get tricky: Tasks reference Leads, and Leads reference Clients. When a task is assigned to a user, they should ideally be able to see the associated Lead and Client data.

However, if a user only has permission to access Tasks (through their assignment or access level) but doesn’t have explicit permission to access Leads or Clients, the data related to those Leads and Clients isn’t rendering. This leads to incomplete data when viewing their assigned tasks.

The Main Challenge:

The real challenge is that Leads don’t have a Tasks reference, and Clients don’t have a Leads reference. This is a B-A connection where Tasks reference Leads, and Leads reference Clients, but Leads do not reference Tasks, and Clients do not reference Leads.

Because of this, I am unable to create a privacy rule for Leads that says “If the lead’s task’s assigned user is the current user” to give them access to the lead. Similarly, for Clients, I cannot create a privacy rule that says “If the Client’s Lead’s Task’s assigned user is the current user” because Clients don’t reference Leads or Tasks directly.

What I Want:

  1. If a task is assigned to a user, they should be able to access the Lead referenced in the task and the Client attached to that lead even if they don’t have explicit permission for Leads or Clients.

  2. On the other hand, if an admin grants full access to a user for Tasks, Leads, Clients, Estimates, Invoices, the user should be able to access everything without restrictions.

What I’ve Tried So Far:

For tasks, I have two privacy rules:

  1. If the task is assigned to the current user, all fields are checked (so they can see their own tasks).

  2. If the user’s Access Level contains “Tasks”, all fields are checked (to give them full task access).

The issue arises when the task references Leads and Clients. Even though the user has task access, if they don’t have Leads or Clients permissions, these references don’t load, causing incomplete data for the task view.

Desired Solution:

I want to define a privacy rule such that if a user has access to their assigned tasks, they should automatically get access to the Lead and Client referenced in that task, without needing explicit access to Leads or Clients.

However, since Leads do not have a reference to Tasks, and Clients do not have a reference to Leads, I can’t directly create a privacy rule like “If the Lead’s Task’s assigned user is the current user” for leads or clients. So, I need guidance on how to structure these privacy rules to handle this B-A relational structure.

At the same time, if the admin grants full access to Leads, Clients, Tasks, etc., the user should be able to access all data types fully.

I’d appreciate any guidance on how to set up this kind of hierarchical privacy rule structure, where access to a specific task also grants access to the related lead and client.

Thank you for your help!

Hey mate

There may be a number of ways to solve this one. How about adding a list of access permissions to the users database, then using something like this?

image

Yes, I actually used that approach for default roles, but for custom roles, when a user adds a list of access, let’s say the admin wants to give access to only tasks, which are attached to a lead. The Task data type has a lead referenced in it. So we cannot view full task details, as it inherits some data from the referenced/related lead. In the end, the user cannot view full task details.

You know you can select which field not to share. In the image I have not selected client, for example, which is linked to the Client data type.


I think maybe you need to add additional details to the data type. For example, you can add the lead name as a text item in the workflow so the user has this access. Or restructure your databases to suit the required access, e.g. you would need to have two data types for leads.

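The last reply's suggestion (copy the lead name onto the Task as text in the workflow), sketched as a small Python model; this is an added example, not code from the thread or from Bubble. The names `can_view`, `create_task`, `render_task` and the `client_name` copy are hypothetical, and the rule evaluation is a simplified assumption of how the poster's privacy rules behave.

```python
from dataclasses import dataclass, field

@dataclass
class User:
    name: str
    access_level: set = field(default_factory=set)  # e.g. {"Tasks", "Leads"}

@dataclass
class Client:
    name: str

@dataclass
class Lead:
    name: str
    client: Client

@dataclass
class Task:
    title: str
    lead: Lead
    assigned_to: User
    lead_name: str = ""     # text copies written by the task-creating workflow
    client_name: str = ""

def can_view(obj, user):
    """Each rule sees only the record's own fields (assumed, as in the thread)."""
    if isinstance(obj, Task):
        return obj.assigned_to is user or "Tasks" in user.access_level
    if isinstance(obj, Lead):
        return "Leads" in user.access_level    # a Lead cannot look up its Tasks
    if isinstance(obj, Client):
        return "Clients" in user.access_level  # a Client cannot look up its Leads
    return False

def create_task(title, lead, assignee):
    # Workflow step: copy only the fields the task view needs, nothing else.
    return Task(title, lead, assignee,
                lead_name=lead.name, client_name=lead.client.name)

def render_task(task, user):
    """What the task view can show; None means the task itself is hidden."""
    if not can_view(task, user):
        return None
    lead = task.lead if can_view(task.lead, user) else None
    client = lead.client if lead and can_view(lead.client, user) else None
    return {"title": task.title,
            "lead": lead.name if lead else None,      # blocked reference is empty
            "client": client.name if client else None,
            "lead_name": task.lead_name,              # readable: lives on the Task
            "client_name": task.client_name}
```

The assignee sees only the copied text fields, so the rest of the Lead and Client records stays behind their own rules. The copies have to be rewritten whenever the lead or client is renamed.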
